Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7f16ea-26d3-457f-92cb-87bc58f34665/1/kpi67g2lz1QfLoVQClSG8rodnrY.roa
File: kpi67g2lz1QfLoVQClSG8rodnrY.roa (raw, json)
Hash identifier: tI10iFfB1PcdB4zI+F9p3y3v/kEzKeFmsjfqUKNc46w=
Subject key identifier: 92:98:BA:EE:0D:A5:CF:54:1F:2E:85:50:0A:54:86:F2:BA:1D:9E:B6
Certificate issuer: /CN=2e481909559480d248490d8e1d71c3c093b05fe5
Certificate serial: 01856CAEF6F5AA13059747DAF335C361C6DC
Authority key identifier: 2E:48:19:09:55:94:80:D2:48:49:0D:8E:1D:71:C3:C0:93:B0:5F:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkgZCVWUgNJISQ2OHXHDwJOwX-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7f16ea-26d3-457f-92cb-87bc58f34665/1/kpi67g2lz1QfLoVQClSG8rodnrY.roa
Signing time: Sun 01 Jan 2023 09:34:43 +0000
ROA not before: Sun 01 Jan 2023 09:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201714
IP address blocks: 185.66.4.0/22 maxlen: 24
45.85.100.0/24 maxlen: 24
2a03:1ea0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:f6:f5:aa:13:05:97:47:da:f3:35:c3:61:c6:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e481909559480d248490d8e1d71c3c093b05fe5
Validity
Not Before: Jan 1 09:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9298baee0da5cf541f2e85500a5486f2ba1d9eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b8:d2:14:2f:fb:5d:0a:a1:84:82:b1:c9:bb:
89:d9:e9:bb:62:8c:a5:05:7f:18:f3:e8:4d:c8:ef:
82:5d:6d:7c:58:bc:2a:e0:40:9f:1d:7b:dd:e3:41:
61:c4:fc:e0:20:02:36:ef:64:04:a5:29:fc:2a:e3:
29:47:17:10:03:57:be:74:93:2f:01:41:9d:b1:be:
40:43:b7:86:2f:70:1a:c8:d3:8e:f3:d8:50:06:35:
6a:51:e7:55:8a:e9:bc:1b:61:22:b4:c3:15:39:60:
a7:d1:f1:4c:59:cc:4e:5f:1e:d2:a7:b3:52:22:c3:
50:59:96:16:2d:f1:d5:73:e0:39:6d:ad:38:84:51:
aa:44:0e:06:95:12:ff:cc:bb:0f:3b:4d:4e:70:7f:
09:f7:3b:bf:14:f3:6d:1f:82:58:c9:d9:fa:7b:c9:
72:b7:eb:31:2c:32:a6:ee:0c:4e:a8:c9:1d:00:da:
bd:3d:47:65:62:fb:55:42:46:d8:4e:ca:4d:3f:ea:
f6:51:03:8c:9e:9f:63:5c:e8:ff:02:1e:fb:21:57:
fe:ac:3e:26:64:7d:03:00:0f:19:69:3b:6e:2c:64:
32:08:7c:8e:1a:85:9e:db:b5:08:70:be:27:c6:ed:
4f:83:c3:2f:ec:ac:4a:e5:6a:8c:b7:80:22:c8:c5:
88:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:98:BA:EE:0D:A5:CF:54:1F:2E:85:50:0A:54:86:F2:BA:1D:9E:B6
X509v3 Authority Key Identifier:
keyid:2E:48:19:09:55:94:80:D2:48:49:0D:8E:1D:71:C3:C0:93:B0:5F:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkgZCVWUgNJISQ2OHXHDwJOwX-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7f16ea-26d3-457f-92cb-87bc58f34665/1/kpi67g2lz1QfLoVQClSG8rodnrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7f16ea-26d3-457f-92cb-87bc58f34665/1/LkgZCVWUgNJISQ2OHXHDwJOwX-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.100.0/24
185.66.4.0/22
IPv6:
2a03:1ea0::/32
Signature Algorithm: sha256WithRSAEncryption
a4:bc:2b:37:30:4d:32:06:4a:8f:6e:08:93:dd:e0:a0:0d:43:
c0:1f:30:7a:b6:09:42:48:11:60:7e:cb:eb:43:e1:49:49:ef:
95:56:2f:ab:b0:c2:72:ff:79:7e:ae:3e:9f:ed:36:62:c0:c2:
cd:13:0f:8b:98:e4:54:60:01:c6:6d:cd:66:62:ec:27:1f:d4:
7d:56:19:be:f0:b8:5f:4b:6d:4b:32:53:99:75:f0:47:43:3e:
ec:2b:f6:4f:32:32:bc:f2:d3:65:d0:b9:a0:ac:1b:3a:e3:cb:
ae:c6:e9:50:8f:15:cd:28:c4:08:fc:f2:4f:bc:ce:e2:14:99:
8d:b0:ed:2f:6f:90:92:3a:06:2d:c8:3d:0c:42:43:2a:8f:ed:
b2:47:79:71:5a:e7:82:dd:2e:ea:bb:be:dd:d4:b0:28:c7:f1:
75:4c:ea:ec:c1:aa:87:a9:57:5e:04:4a:8f:0f:18:35:42:40:
fc:a3:9d:43:73:32:2a:47:be:98:e4:d8:0b:26:9f:38:be:4c:
7e:ac:dd:f3:57:a4:0f:4d:f2:a5:af:b8:c1:df:dd:19:2e:ac:
e2:fb:6b:99:55:93:25:d0:35:36:11:ec:80:d9:35:09:ce:37:
fb:8f:a2:c2:58:70:19:d9:ac:a2:e2:a3:11:a7:2c:1c:85:00:
b8:e0:57:9b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsrvb1qhMFl0fa8zXDYcbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDgxOTA5NTU5NDgwZDI0ODQ5MGQ4ZTFkNzFjM2MwOTNi
MDVmZTUwHhcNMjMwMTAxMDkzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjk4YmFlZTBkYTVjZjU0MWYyZTg1NTAwYTU0ODZmMmJhMWQ5ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrjSFC/7XQqhhIKxybuJ2em7Yoyl
BX8Y8+hNyO+CXW18WLwq4ECfHXvd40FhxPzgIAI272QEpSn8KuMpRxcQA1e+dJMv
AUGdsb5AQ7eGL3AayNOO89hQBjVqUedVium8G2EitMMVOWCn0fFMWcxOXx7Sp7NS
IsNQWZYWLfHVc+A5ba04hFGqRA4GlRL/zLsPO01OcH8J9zu/FPNtH4JYydn6e8ly
t+sxLDKm7gxOqMkdANq9PUdlYvtVQkbYTspNP+r2UQOMnp9jXOj/Ah77IVf+rD4m
ZH0DAA8ZaTtuLGQyCHyOGoWe27UIcL4nxu1Pg8Mv7KxK5WqMt4AiyMWI+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJKYuu4Npc9UHy6FUApUhvK6HZ62MB8GA1UdIwQY
MBaAFC5IGQlVlIDSSEkNjh1xw8CTsF/lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtnWkNWV1VnTkpJU1EyT0hYSER3Sk93WC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83ZjE2ZWEtMjZkMy00NTdmLTkyY2It
ODdiYzU4ZjM0NjY1LzEva3BpNjdnMmx6MVFmTG9WUUNsU0c4cm9kbnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83ZjE2ZWEtMjZkMy00NTdmLTkyY2ItODdiYzU4ZjM0NjY1
LzEvTGtnWkNWV1VnTkpJU1EyT0hYSER3Sk93WC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALVVkAwQC
uUIEMA0EAgACMAcDBQAqAx6gMA0GCSqGSIb3DQEBCwUAA4IBAQCkvCs3ME0yBkqP
bgiT3eCgDUPAHzB6tglCSBFgfsvrQ+FJSe+VVi+rsMJy/3l+rj6f7TZiwMLNEw+L
mORUYAHGbc1mYuwnH9R9Vhm+8LhfS21LMlOZdfBHQz7sK/ZPMjK88tNl0LmgrBs6
48uuxulQjxXNKMQI/PJPvM7iFJmNsO0vb5CSOgYtyD0MQkMqj+2yR3lxWueC3S7q
u77d1LAox/F1TOrswaqHqVdeBEqPDxg1QkD8o51DczIqR76Y5NgLJp84vkx+rN3z
V6QPTfKlr7jB390ZLqzi+2uZVZMl0DU2EeyA2TUJzjf7j6LCWHAZ2ayi4qMRpywc
hQC44Feb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org